Stories‎ > ‎

The Three M's of the Cybersecurity Insider Threat Revealed

posted Jun 13, 2018, 7:03 AM by James Caroland   [ updated Jun 13, 2018, 7:04 AM ]
By John Galliano, Contributing Editor 

Article Summary

Very likely, as a military cyber professional, you work in well secured environment with next-generation firewalls, intrusion detection/prevention and other specialized sensors to safeguard your perimeter and protect your organization's information. But how often do you consider your internal defenses and the trusted people already on the inside? The cyber insider threat should be of concern to military cyber professionals because it puts your organization, your data, and your people at heightened risk. Given the associated tangible and intangible costs, clearly the insider threat is an important issue. 

The cyber insider threat is not a new problem. Operating from the inside and unconcerned with perimeter defenses, insiders like Snowden and Manning have arguably caused unparalleled damage to the U.S. intelligence and diplomatic missions. Insiders in the context of cybersecurity have access to an organization’s network, system, or data and may intentionally exceed or use that access in a manner that negatively impacts the C-I-A of the organization’s information or information systems. 

By examining the cyber insider threat in this article, I clarify the meaning, the motivation, and the mitigation of the cyber insider threat. Insider threat attacks are costly both in terms of time and money, and ultimately may put military operations and lives in jeopardy. Insiders are influenced by a range of motivations including personal gain, perceived injustice, and the greater cause. The good news for military leaders is that a number of mitigating factors may be employed to counter the potential impacts of the cyber insider threat including education, monitoring, and control. Implementing a strong and vigilant insider threat program is your first line of defense and your best protection.